本文共 4355 字,大约阅读时间需要 14 分钟。
StorageClass 为管理员提供了描述存储“类”的方法。不同类型的存储类可能会映射到不同的服务质量等级或备份策略,或者由集群管理员制定的任意策略。每个 StorageClass 包含 provisioner、parameters 和 reclaimPolicy 字段,这些字段会在动态分配 PersistentVolume 时使用到。
StorageClass 对象的命名很重要,用户使用这个命名来请求生成一个特定的类。当创建 StorageClass 对象时,管理员设置 StorageClass 对象的命名和其他参数,一旦创建后不能再对其进行更新。
# 安装 NFS 服务并启动yum -y install nfs-common nfs-utilssystemctl start nfs && systemctl enable nfssystemctl start rpcbind && systemctl enable rpcbind
mkdir -p /data/nfsprovisionerchmod 777 /data/nfsprovisionerchown nfsnobody /data/nfsprovisioner
cat > /etc/exports << EOF# 将共享目录添加到 exports 文件中/data/nfsprovisioner *(rw,async)EOF
# 修改对应的 NFS 地址和目录
apiVersion: storage.k8s.io/v1kind: StorageClassmetadata: name: managed-nfs-storageprovisioner: fuseim.pri/ifs # 或其他名称,需与部署的环境相关联parameters: archiveOnDelete: "false"# 例:服务账号配置apiVersion: v1kind: ServiceAccountmetadata: name: nfs-client-provisioner namespace: default# 例:角色配置apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRolemetadata: name: nfs-client-provisioner-runnerrules: - apiGroups: [""] resources: ["persistentvolumes"] verbs: ["get", "list", "watch", "create", "delete"] - apiGroups: [""] resources: ["persistentvolumeclaims"] verbs: ["get", "list", "watch", "update"] - apiGroups: ["storage.k8s.io"] resources: ["storageclasses"] verbs: ["get", "list", "watch"] - apiGroups: [""] resources: ["events"] verbs: ["create", "update", "patch"]# 例:角色绑定apiVersion: rbac.authorization.k8s.io/v1kind: ClusterRoleBindingmetadata: name: run-nfs-client-provisionersubjects: - kind: ServiceAccount name: nfs-client-provisioner namespace: defaultroleRef: kind: ClusterRole name: nfs-client-provisioner-runner apiGroup: rbac.authorization.k8s.io# 例:角色配置apiVersion: rbac.authorization.k8s.io/v1kind: Rolemetadata: name: leader-locking-nfs-client-provisioner namespace: defaultrules: - apiGroups: [""] resources: ["endpoints"] verbs: ["get", "list", "watch", "create", "update", "patch"]# 例:角色绑定apiVersion: rbac.authorization.k8s.io/v1kind: RoleBindingmetadata: name: leader-locking-nfs-client-provisioner namespace: defaultsubjects: - kind: ServiceAccount name: nfs-client-provisioner namespace: defaultroleRef: kind: Role name: leader-locking-nfs-client-provisioner apiGroup: rbac.authorization.k8s.io# 例:部署配置apiVersion: apps/v1kind: Deploymentmetadata: name: nfs-client-provisioner labels: app: nfs-client-provisioner namespace: defaultspec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: nfs-client-provisioner template: metadata: labels: app: nfs-client-provisioner spec: serviceAccountName: nfs-client-provisioner containers: - name: nfs-client-provisioner image: registry.cn-shanghai.aliyuncs.com/leozhanggg/storage/nfs-client-provisioner:latest volumeMounts: - name: nfs-client-root mountPath: /persistentvolumes env: - name: PROVISIONER_NAME value: fuseim.pri/ifs - name: NFS_SERVER value: 服务器IP地址 - name: NFS_PATH value: /data/nfsprovisioner volumes: - name: nfs-client-root nfs: server: 服务器IP地址 path: /data/nfsprovisioner
apiVersion: v1kind: PersistentVolumeClaimmetadata: name: test-claimannotations: volume.beta.kubernetes.io/storage-class: "managed-nfs-storage"spec: accessModes: - ReadWriteMany resources: requests: storage: 1Mi
apiVersion: v1kind: Podmetadata: name: test-podspec: containers: - name: test-pod image: busybox command: - "/bin/sh" args: - "-c" - "touch /mnt/SUCCESS && exit 0 || exit 1" volumeMounts: - name: nfs-pvc mountPath: "/mnt" restartPolicy: "Never" volumes: - name: nfs-pvc persistentVolumeClaim: claimName: test-claim
# 部署配置kubectl apply -f nfs-client-provisioner.yaml# 检查 Pod 状态kubectl get pod | grep nfs-client-provisioner
# 删除测试 Podkubectl delete -f /root/test-pod.yaml# 删除 PersistentVolumeClaimkubectl delete persistentvolumeclaim "test-claim"
请根据实际环境调整 NFS 服务器地址和共享目录路径。部署完成后,可以通过 kubectl get pod 检查 NFS 客户端 Provisioner 的运行状态。
转载地址:http://zknyz.baihongyu.com/